ISO/IEC 21000-5:2004

ISO/IEC 21000-5:2004 specifies the syntax and semantics of a Rights Expression Language. ISO/IEC 21000-5:2004 does not give any permission, including permissions about who is legally or technically allowed to create Rights Expressions. It does not specify the security measures of trusted systems, propose specific applications, or describe the details of the systems required for accounting (monetary transactions, state transactions, and so on). It also does not specify if or when Rights Expressions shall be consulted. However, ISO/IEC 21000-5:2004 does define an authorization model to specify whether the semantics of a set of Rights Expressions permit a given Principal to perform a given Right upon a given optional Resource during a given time interval based on a given authorization context and a given trust root.